Profile and Page Layout Best Practices for Life Sciences Cloud

Here are the recommended security best practices for profiles and page layouts.

• Use Field Level Security rather than page layouts to hide fields from users. Field Level Security is a safer method for restricting accessibility to data due to compliance regulations. This also helps minimize the number of page layouts. Page layouts prevent a user from seeing fields but does not prevent them from seeing fields in Salesforce reports. Only field level security completely prevents access to fields.

• Always use the least possible number of profiles. Minimizing the number of profiles reduces the amount of security profile field level security settings you must update when you add a new field to an object. Rename unused profiles to include ‘dep_’ to move them out of your way.

• Always use the least possible number of page layouts. This decreases the likelihood of inconsistencies for different record types. Consider using Dynamic Forms instead for ease of maintenance.

• If you consider adding Security Exclusion to bypass enforcement of user access permissions in triggers, you must evaluate this decision very carefully before implementation. While the Salesforce Platform allows you to bypass user permissions, Salesforce doesn't recommend it because CRM is a point in time system, and audits of the system can sometimes lead to inaccurate assessments.